CVE-2021-29987

After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91 and Thunderbird < 91.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Information

Published : 2021-08-17 13:15

Updated : 2022-03-16 08:13


NVD link : CVE-2021-29987

Mitre link : CVE-2021-29987


JSON object : View

CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts

Advertisement

dedicated server usa

Products Affected

mozilla

  • firefox
  • thunderbird

linux

  • linux_kernel